Archive for the 'Information' Category

The baffling Stuxnet saga

Thursday, January 20th, 2011

On 2011-01-16, The New York Times added its weight to claims that the USA and Israel were responsible for the notorious recent Stuxnet computer worm attack on Iranian nuclear centrifuges. Amongst many other claims, it said:

The virus was designed as an American-Israeli project to sabotage the Iranian program.

http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html

But closer inspection of the Stuxnet saga indicates a story with some gaping holes and anomalies. Some of the issues that puzzle me include…

1. Why did Iran, a sworn enemy of the United States, base its nuclear energy programme around a proprietary American operating system? If I were using an enemy’s software product to build a highly contentious and vulnerable plant, I would at least want to inspect its source code for malware & possible back-doors.

2. MS Windows is not renowned for security at the best of times. Who in their right mind would use it for controlling a nuclear power plant? Kinda puts a whole new spin on the expression “blue screen of death” doesn’t it?

3. Why did Siemens (the manufacturer of the plant controller software) hard-code the system password? And then tell its users never to change it?

4. Anyone noticed how quiet Microsoft is regarding this matter? And why did Microsoft allow one of the four serious vulnerabilities that were eventually exploited by Stuxnet, to go unfixed for over a year?

http://www.h-online.com/security/news/item/Vulnerability-exploited-by-Stuxnet-discovered-more-than-a-year-ago-1095797.html

5. If USA and/or Israeli Governments did create (or sponsor the creation of) Stuxnet, then I wonder if it occurred to its orchestrators that their own Windows-based systems could also be vulnerable? Whilst Iran has suffered the most, as of August 2010, 1.56% of Stuxnet strikes were in the USA!

http://j-j.co.za/?tag=stuxnet

6. Indeed, if the US and/or its allies have really initiated this attack, then, considering their dependence on MS operating systems, this could prove to be a deeply embarrassing and costly own goal. I wonder if the geniuses in the Pentagon have a name for it yet? “Friendly-cyberfire?” “Collateral-cyberdamage?” And what plans are in place to put right the damage?

To misquote Paul Daniels, I suspect, “Not a lot!”


So it seems to me that huge chunks of this story are missing. Since we can no longer believe a word that any Government says about anything, perhaps Mr Assange and his chums will dig up something they can share with us?

I can’t help feeling we need whistleblowers now more than ever. Or as George Orwell rather aptly put it: During times of universal deceit, telling the truth becomes a revolutionary act.

Honk! Honk!

Merry Wikileaks

Friday, December 24th, 2010

A Yuletide pause for reflection

Much has been said in the popular press recently regarding Julian Assange and his notorious Wikileaks website. Three things strike me about the Wikileaks saga…

1. Our leaders’ total lack of integrity.

Wikileaks has verified what I have suspected for many years, namely that many of our politicians have four priorities:-

First priority for our leaders is pursuance of their own careers. Their second priority is the political party to which they belong. A very close third come the big corporations, upon whom these political parties depend for their funding. Finally, last and very much least, come the poor schmucks who vote for them and ultimately pay their wages.

Worse, the above rule-of-thumb applies to our relatively honest politicians. The dodgier specimens (e.g. Bush, Blair, Cheney, et al.) are even more disgusting and worthless. Seems these scum-sucking lowlifes are happy simply to grab as much taxpayers’ money as possible and squander it on stupid wars and/or to line their own pockets. They don’t care how many people die, or how much of our money they waste in the process.

2. Covering up is more important than reform.

As a result of those very damning revelations from the pages of Wikileaks, the planet’s political class is now striving very hard indeed to find more effective ways to cover up its lies and evil doings. However, I feel it is much more significant, not to mention depressing, that not one of our “leaders” seems in the least bit interested in the concept of better governance. Perhaps if our politicians genuinely cared about honest and open government, then there would be less to cover up in the first place?

3. The “Special Relationship” scam.

Any nation that considers itself to have a “special relationship” with the United States should urgently reconsider its position. Old Blighty in particular, please take note!

Honk! Honk! and Merry Christmas.

Police officers seize high-powered sports car – then crash it into garden wall

Saturday, September 4th, 2010

We’ve seen some pretty uninspiring performances from our boys-in-blue over the years. But this one takes the proverbial cake.

Seems that on 2010-09-03 at around 01:15 UTC, two officers from the Manchester force stopped and arrested a suspected drunk driver and confiscated his sports car. Whilst waiting for the tow truck to collect the vehicle, these clowns-in-uniform then decided to take it for a joyride. Shortly after climbing into the vehicle, a powerful Mitsubishi Evo 8, they slammed it into a garden wall in a quiet residential district called Trafford.

The street in which the incident took place has a 30 mph | 50 kmh speed limit – not that there is much evidence of this when you study the video of the wrecked car! Apparently, Chief Supt Mark Roberts, divisional commander for Trafford, told the Manchester Evening News, “I can assure the local community that this incident will be rigorously investigated.”

http://menmedia.co.uk/manchestereveningnews/news/s/1315935_police_officers_seize_highpowered_sports_car__then_crash_it_into_garden_wall

Now, after the matter has been rigorously covered up investigated, I wonder what Mr Roberts’ report will look like? Something like this perhaps…

The brave and conscientious officers were proceeding with great care along Hale Road at 29 mph when a delightful fluffy little kitten suddenly ran into the road. This caused the officer to swerve and clip the curb at just the wrong angle.

By a strange freak of nature, this caused the vehicle to leap into the air and spin round several times, mid-air. This resulted in a rapid increase in velocity, thus providing sufficient kinetic energy to completely demolish the brick wall on impact. Also, the wall was very badly built.

The vehicle was a Mitsubishi Evo. This is a Japanese vehicle. This means it was designed for little slitty-eyed people. Therefore, it was inadequately sized for a pair of well-built British police officers.  These are men who have diligently endured a lifetime of  stuffing their faces with double portions of fish & chips with sausages-in-batter, mushy peas and gravy, whilst on duty.

However, the colour of the vehicle may have contributed towards the accident. The yellow street-lights may have dangerously reflected off the yellow paintwork, which may have temporarily blinded the officer driving the vehicle, possibly.

We also note that the car was poorly maintained and had not been washed for almost a week. There were also traces of ash in the ashtray and a sweet wrapper on the floor.

Most importantly, the utterly wrecked state of the vehicle does not constitute evidence that my officers were doing 140 mph in a 30 mph zone. The vehicle is made of very thin metal and therefore it dents very easily. Besides, considering the combined weight of the two officers, it is unlikely the vehicle could ever have reached its top speed anyway.

Unfortunately, the enquiry has been unable to determine exactly which officer was driving because they both suffered a loss of memory due to the accident. Therefore neither of the officers concerned can be prosecuted.

Consequently, the vehicle’s owner will not be entitled to compensation. Moreover, the owner may face the very serious charge of “failure to provide a police officer with a decent vehicle to go joyriding in.”

Meantime, the home-owner, upon whose property the vehicle finally came to rest, and whose garden wall was demolished in the incident, has also made a claim for compensation. However his claim has also been dismissed and he now faces charges of “having a very untidy garden, in a fairly posh area” and “wasting police time”.

Honk! Honk! ;-)

Why is the United States (still) in Afghanistan?

Saturday, August 14th, 2010

Seems this is one of the great mysteries of our time! As far as my little goosy brain can recall, the war in Afghanistan was originally in retaliation for the suicide bombings in New York, 2001-09-11. Seems the US president at the time had great difficulty in grasping the concept of a “suicide bombing” and felt the need to blame and bomb someone.

Then it was to capture or kill alleged 9/11 architect Osama Bin Laden – though that idea soon dropped off the proverbial radar for reasons that have never been adequately explained. Nor was the true nature of Al-Qaeda explained, though the bearded, dark-skinned Bin Laden made a fantastic bogeyman and was even used to justify the illegal war in Iraq.

Some of the lies that the US Authorities told regarding Al-Qaeda are detailed in this BBC documentary entitled “The Power of Nightmares”:- http://www.archive.org/details/ThePowerOfNightmares

Then the purpose of the Afghan war was to defeat the Taliban – which of course has failed miserably. Ironically, the Taliban were formerly part of the Mujahideen, a group of fierce rebels that formed during the war against the Soviet occupation of Afghanistan in the late 1970s and 1980s. Only in those days, they were “holy warriors and freedom fighters, defending democracy and the American way, etc., etc.” Consequently, under the Reagan administration, they were the proud recipients of truck-loads of American weapons and wads of hard currency, delivered with the compliments of the CIA.

Then, one day, the US generals realised they didn’t have enough manpower to defeat the Taliban. So suddenly the mission became to “liberate women”. After all, the womenfolk were having a pretty grim time under Taliban rule. So what better way to extract more money out of Congress and put more troops on the ground?

This was followed by claims that the true purpose was to prop up the “democratically” elected government of President Hamid Karzai. The proverbial wheels fell off when it was revealed that around 1/3 of Karzai’s votes were, in fact, rigged and two of his senior election officials were forced to resign.

I understand the latest “objectives” involve weeding out the corruption in the US puppet Afghan Government, followed by an orderly but face-saving withdrawal of US and other NATO troops. However, NATO chiefs are somewhat backward in coming forward regarding how these latest “objectives” can be achieved. The situation is made more complex by Karzai’s claims that the vote fiddling was actually the work of the US and its allies.

Karzai also blames the United States for empowering the Taliban in the first place – conveniently forgetting of course that he also supported the Mujahideen back in the 1980s. With a minimum of publicity, “secret” negotiations with the Taliban began in May 2010. This is particularly distasteful to Karzai because the Taliban gunned down his father on 1999-07-14.

Today it seems that Afghan women’s rights have quietly been dropped from NATO’s agenda, just like “capturing Osama bin Laden” was several years earlier. Moreover, the talk in the circles of power seems more of “doing a deal with” the Taliban, rather than “defeating” them.

Throughout this sad and sorry saga, we were also told that the United States had a secondary purpose in Afghanistan, namely to stamp out the production of opium – the raw ingredient for heroin. Needless to say, opium production has actually seen a steady year-on-year growth throughout the US occupation and today Afghanistan supplies over 93% of the global opiates market.

http://www.cfr.org/publication/14099/afghanistan_opium_survey_2007.html

Meantime the poor old taxpayer is starting to ask him/herself who is the least credible:- the Terrible Taliban, the Crooked Karzai, the Prevaricating Pentagon, or a US administration that seems to change its story as often as some people change their underpants? Fact is, they have all lied and they all have much blood on their hands. And I use the words “poor taxpayer” advisedly. The wars in Afghanistan and Iraq have already cost the United States in excess of one trillion dollars!

That’s the way the money goes…

Which leads me neatly to the ultimate irony. When the United States fought (and eventually lost) the Vietnam war, the world was told it was to stop the spread of Communism – the so-called “domino theory”. Today, a significant proportion of the money the United States has squandered on its latest round of pointless wars was borrowed from the “top domino” – the People’s Republic of China.

Some interesting further reading, from a rather surprising source:-

http://spectator.org/archives/2010/03/26/why-are-we-in-afghanistan

Rotten US Corporations: Dell pays $100 million to settle fraud case

Sunday, July 25th, 2010

Seems that despite Enron, Worldcom et al, the US financial administration has learnt absolutely nothing from its myriad of previous failings. Dell’s paltry (US)$100 million penalty for its chronic cooking-of-the-books bears testament to the fact that the US authorities are still unwilling or incapable of dealing effectively with America’s thoroughly bent and corrupt corporations.

The pathetic personal penalties paid by the perpetrators of these crimes are even more astonishing. For example, Dell’s CEO and arch-crook Michael Dell should be doing time, not fined a mere four-million bucks (petty cash to him) and allowed to carry on business as usual…

http://www.sec.gov/news/press/2010/2010-131.htm

But let’s stand back from this latest US corporate fraud for a moment. The Acer founder’s recent observation that many American IT corporations will become irrelevant within 20 years seems very poignant.

http://www.zdnet.com/blog/gadgetreviews/acer-founder-thinks-american-it-brands-will-be-dead-in-20-years/11340

If devices such as this hit the market…

http://www.bbc.co.uk/news/world-south-asia-10740817

…then Dell, Microsoft, IBM and even Apple Computer Inc will be in very deep trouble.

Twenty-five quid tablet computer from India (from BBC News)


Even if this particular device never hits the market, you can be absolutely certain that others will. We are rapidly approaching a time when really good unbranded computer hardware, running free, open source operating systems such as Linux will be available as complete, working devices for less than the cost of a proprietary American operating system.

We are also entering the second dip of the worst recession in 80 years. Several key western economies, including the USA are hopelessly in-the-red and are now teetering on the brink of bankruptcy:-

https://www.cia.gov/library/publications/the-world-factbook/rankorder/2187rank.html

So who is going to pay $100 for Mac OSX or Windows operating systems (other than the very rich and a handful of brand-loyal fanbois) when you can buy a complete, working computer, c/w operating system and all the software you need, for a fraction of that? Who will stump-up all that hard-earned cash for an Apple iPad when you can buy a device that’s just as good, for less than one tenth of the price? And the days of average folks paying $500+ for a jazzed-up mobile telephone are certainly drawing to a close!

Trouble is that the fat-cats running the US IT corporations have their heads so far up their own proverbial bottoms that they cannot see the writing on the wall. Indeed, this lack of vision beyond the current fiscal year’s profits is a disease that has infected much of corporate America.

On the other hand, perhaps America’s rich-and-powerful know exactly what’s happening and that’s why they are scrambling to ram their snouts in the trough before the gravy train pulls out of the station?

Honk! Honk! Mind the gap! Stand clear of the doors please!

Stuxnet, another slash in Microsoft’s death of a thousand cuts?

Tuesday, July 20th, 2010

Micro$haft operating systems being hit by yet another “zero-day” malware strike is hardly news. But this latest attack in the guise of “Stuxnet” is different. Seems from my albeit limited reading on the subject that the Stuxnet concept strikes right at the very heart of the “Windows way of doing things”.


For example:-

  1. Windows 7 64-bit insists on so-called “signed drivers” – the excuse being that it makes the system much more secure. But the Stuxnet worm uses stolen digital certificates (from Realtek & JMicron). So it can freely install its payload (a .sys file rootkit) as a legitimate driver.
  2. Whilst Verisign has now withdrawn one of these stolen certificates, it is clear that digital signing can no longer be relied upon as a means of verifying the integrity of Windows software or drivers.
  3. Microsoft has been crowing about its “better than Unix” UAC (user access control) system. Stuxnet completely bypasses that. In fact, it appears that, in this context, the “.lnk” files that MS uses for its short-cuts are not subject to any form of UAC at all!
  4. This does not only spread by USB sticks as some would have us believe. Infected machines can spread the worm via ethernet connections too. In fact, you don’t have to open a file. You merely need to use Microsoft’s file Explorer to view a directory! So external SMB connections and Sharepoint are both vulnerable now.
  5. Now that it is “in the wild” and currently infecting roughly 1000 Windows PCs a day, other “copycat” criminals will use the same or similar techniques.

So, if your computing is important to you, then please don’t put all your proverbial “eggs in one basket” by relying solely on Micro$oft’s poor quality, over-priced operating systems. Or better still, dump M$ completely! It is perfectly achievable and will save you a small fortune:-

http://www.garfnet.org.uk/joomla/index.php?option=com_content&task=view&id=66&Itemid=16

Some further reading:-

http://news.softpedia.com/news/New-Stuxnet-Related-Malware-Signed-Using-Certificate-from-JMicron-148213.shtml

http://www.controlengeurope.com/article.aspx?ArticleID=35267

Probably the most easily digested Stuxnet analysis I have read so far:-

http://www.theregister.co.uk/2010/07/20/win_shortcut_vuln_exploit_code/

Honk! Honk!

The worst thing about British pubs is…

Wednesday, February 10th, 2010

Worst thing about British pubs is not the prices – though I have to say, they are pretty shocking! It’s the rubbish standard of service, the queuing forever at the bar, dirty glasses, surly staff who make out they are doing you a tremendous favour serving you in the first place. And unless you choose one of the few independent pubs, the beer is pretty poor too. And does anywhere in the South of England know how to keep Guinness properly?

Cf. continental Europe, where you sit down with your friends and a few minutes later, someone (often an unbelievably pretty waitress) takes your order. You can choose from a list of beers – and there are generally quite a few good ones, in amongst the dross. Most of the time, if you are a stranger in town, you can enquire which is the best brew to try first. This is an altogether much more pleasant and relaxed way to enjoy your beer.

If you are with someone who doesn’t drink alcohol, e.g. Mrs Goose, then the establishment will offer you coffee, hot chocolate or at least something that she likes. Whilst prices tend to be very close to UK ones these days, due to the plummeting value of Sterling against the Euro, the quality of service makes the price worth while.

No wonder UK pubs are closing at such a rapid rate. They seem stuck in a post-WW2 time-warp or something and seem to think that having an ear-splittingly loud jukebox and a few plastic oak beams will provide the “atmosphere” needed to get the punters through the door, and compensate for the grunting bar-staff. And don’t get me started on the horror they call “quiz-nites”. UK pubs simply have not caught up with what customers really want, i.e. a bit of service, please! Frankly “yer average boozer” here in Sunny Southampton is simply dreadful and they would have to pay me to set foot through the door.

Now where’s that crate of McEwan’s Champion? Honk! Honk!

Apple stole our iPad idea says Chinese manufacturer

Tuesday, February 2nd, 2010

A Chinese company is claiming that Apple actually ripped the idea off from one of its existing Chinese-made products, called a “P88”. The P88 has been on sale for six months according to the company’s president, Mr Xiaolong Wu. The P88 is easy to recognise because it “looks just like a big iPhone”.

Seems Shenzhen Great Loong Brother Industrial Co., Ltd. is threatening to sue Apple for “Plagiarism”. Presumably by this it means some sort of intellectual property theft? Despite its similar looks, the P88 is actually quite different under the bonnet from the iPad. It has a 250 Gigabyte hard disk, an ethernet port and three USB ports. It also runs Windows or Linux. The touch screen is only a single touch resistive type. But the processor is, in theory at least, faster than the iPad.

Personally I wouldn’t touch the P88 if it came bundled with Windows – I refuse to pay Windows Tax! And I wouldn’t have an iPad under any circumstances while it was so riddled with DRM. However, I think the P88 pad, at the right price, running Linux and 100% FOSS could actually be quite an attractive product – if you like that sort of thing.

Whichever way this goes, it certainly rains on the proverbial parade for Apple Computer Inc., which is never a bad thing, in my view. It also makes it very difficult for Apple to sue any of its competitors in this context. So, if I were a gambling goose, then I’d place my bets on seeing a large range of affordable clone tablets pretty soon. I would expect some of these to be far superior to the iPad – particularly for those who despise DRM and who care about their privacy – and a heck of a lot cheaper too!

Pics & story as told by Wired:-
http://www.wired.com/gadgetlab/2010/02/chinese-ipad-maker-threatens-to-sue-apple-for-plagiarism/

Full P88 specifications:-
http://hkjulong.en.alibaba.com/product/284530927-209723234/tablet_pc_p88.html

More about the company and its products:-
http://hkjulong.en.alibaba.com/

Story as told by the China Post in Taiwan (in English):-
http://www.chinapost.com.tw/china/business/2010/01/30/242970/Chinese-company.htm

Story from El Mundo (in Spanish):-
http://www.elmundo.es/elmundo/2010/01/29/navegante/1264759894.html

Funny old world, huh! Honk! Honk!

Tablet computers? YES. Apple’s overpriced DRM-riddled tablet? No thanks!

Thursday, January 28th, 2010

When I first heard about iPads, I thought it was something that geek girls might use during their iPeriods. But it seems I was mistaken.

Actually, I think the tablet form factor is an interesting one and may have great appeal in areas such as education. That’s why Nicolas Negroponte and his team have adopted it for the next generation XO-3 OLPC. However I have serious misgivings with regard to both the price and even more so with regard to Apple’s heavy-handed deployment of DRM (digital restrictions management) in these devices. In a nutshell, Apple can:-

  • Decide what software you are allowed to use.
  • Delete any content it disapproves of.
  • Disable the device completely.

Anti DRM protesters at the 2010 January launch of the iPad

Nevertheless, a reasonable degree of commercial success for the iPad will no doubt inspire Chinese and Taiwanese companies to produce perfectly adequate generic clones. These will be significantly cheaper than the iPad, whilst not being infected with Apple DRM. Then it would not take the open source community long to write and compile decent apps for the clones. I understand that the XO-3 will be 100% OSS (open source software). So I suspect that many existing OSS apps will be ported to the generic pads very rapidly.

Therefore I’m perfectly happy to let the Apple fanbois have their fun. If they are prepared to pay through-the-nose whilst Steve Big Jobs & his minions @ Apple Computer Inc. spy on their data and dictate what apps they can and cannot use, then more fool them! Meantime, smart people will wait for one of the new generation generic pads that will undoubtedly follow – running some form of GNU/Linux and c/w 100% open source software of course.

Translated into practical terms my little goslings, that means 1/3 the cost of an iPad, 100% freedom regarding what software you install and infinite superiority in terms of privacy and security.

Honk! Honk!

Should I dump Internet Explorer

Friday, January 22nd, 2010

This was the title of a blog post over at ZDNet. So should you dump Internet Exploder? Now let me see…

Yes! Yes! Yes! Along with all Microsoft’s other products!

Let’s stand back from this for a minute folks. Microsoft is a big, greedy, highly profitable US corporation that has systematically stifled its competition whilst deploying a variety of highly dubious methods to force equipment manufacturers to bundle its products. Microsoft has a long track record of producing poor quality and insecure products. Meantime, its senior executives have become very rich indeed. One would have more sympathy with Microsoft if it had poured its vast profits back into securing its products. But it hasn’t.

I hope that legislatures around the planet will go much further than just recommending users stop using one of Microsoft’s products. I hope they will explicitly outlaw Microsoft “bundling”, so that consumers actually have a choice of operating system. It is entirely unacceptable that consumers are forced to buy Windows whenever they buy a new computer. Why should we be forced to pay what amounts to a “Windows Tax” to Microsoft, regardless of whether we want to use its rotten products or not?

The good news is that it seems the Microsoft racket is finally unravelling. I would say to consumers everywhere, now would be a very good time to write to your MP/congressman. Complain to your national/regional consumer protection organisations. If you can buy equipment OS-free then do so. Boycott IT suppliers that still persist with bundling. The writing is on the wall my little goslings…

The Hungarian Government recently voted its public sector should adopt open standards:-

http://news.cnet.com/8301-13505_3-10419262-16.html

Meantime it seems the good people of Italy have started a class action against Microsoft to get their Windows Tax refunded:-

The GarfNet team successfully dumped Microsoft back in May 2007 and it was one of the best business decisions they ever made. Moreover, it proved beyond all reasonable doubt that Microsoft-free businesses are perfectly viable:-

http://www.garfnet.org.uk/joomla/index.php?option=com_content&view=article&id=66&Itemid=58

Actually MS-free businesses are more than merely “viable”. Being free from Microsoft has considerable advantages, both in terms of cost and in operational terms, i.e. reliability, security, ease of replicating systems, lack of malware etc.:-

http://www.garfnet.org.uk/joomla/index.php?option=com_content&view=article&id=69&Itemid=58

Meanwhile GarfNet is compiling a formal complaint to the UK Office of Fair Trading and to the European Union Competition Commission regarding the forced payment of Windows Tax here in the UK. There is still a lot of work to do but this is the progress so far:-

http://www.garfnet.org.uk/joomla/index.php?option=com_content&view=category&id=74&Itemid=331

Final comment before the Microsoft apologists and “fanbois” get up-in-arms. I’m not actually advocating the total annihilation of Microsoft. However I think the world would benefit from a much downsized Microsoft, with much lower profits and perhaps a 20-30% market share. I have no doubt that a Microsoft that actually had to compete in the marketplace would produce higher quality and more secure products. This would be better for the consumer, better for national security, better for the economy and better for the IT industry. Long term it might even be better for Microsoft too!

Though I suspect that I will stick with the Penguinisitas, whatever happens to Micro$haft. Honk! Honk!